Chapter 6 CDMA/802.11i

Size: px
Start display at page:

Download "Chapter 6 CDMA/802.11i"

Transcription

1 Chapter 6 CDMA/802.11i IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Some material copyright J.F Kurose and K.W. Ross, All Rights Reserved Introduction 1-1

2 Chapter 6 outline 6.1 Introduction Wireless 6.2 Wireless links, characteristics CDMA 6.3 IEEE wireless LANs ( Wi-Fi ) 6.4 Cellular Internet Access architecture standards (e.g., GSM) Mobility 6.5 Principles: addressing and routing to mobile users 6.6 Mobile IP 6.7 Handling mobility in cellular networks 6.8 Mobility and higher-layer protocols 6.9 Summary Wireless, Mobile Networks 6-2

3 Code Division Multiple Access (CDMA) unique code assigned to each user; i.e., code set partitioning all users share same frequency, but each user has own chipping sequence (i.e., code) to encode data allows multiple users to coexist and transmit simultaneously with minimal interference (if codes are orthogonal ) encoded signal = (original data) X (chipping sequence) decoding: inner-product of encoded signal and chipping sequence Wireless, Mobile Networks 6-3

4 CDMA encode/decode sender data bits code d 0 = 1 d 1 = slot 1 slot 0 Z i,m = d i. cm channel output Z i,m slot 1 channel output slot 0 channel output received input D i = Σ Z i,m. cm m=1 M M d 1 = -1 d 0 = 1 receiver code slot 1 slot 0 slot 1 channel output slot 0 channel output Wireless, Mobile Networks 6-4

5 CDMA: two-sender interference Sender 1 channel sums together transmissions by sender 1 and 2 Sender 2 using same code as sender 1, receiver recovers sender 1 s original data from summed channel data! Wireless, Mobile Networks 6-5

6 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing wireless LANs 8.8 Operational security: firewalls and IDS Network Security

7 WEP design goals symmetric key crypto confidentiality end host authorization data integrity self-synchronizing: each packet separately encrypted given encrypted packet and key, can decrypt; can continue to decrypt packets when preceding packet was lost (unlike Cipher Block Chaining (CBC) in block ciphers) Efficient implementable in hardware or software Network Security

8 Review: symmetric stream ciphers key keystream generator keystream combine each byte of keystream with byte of plaintext to get ciphertext: m(i) = ith unit of message ks(i) = ith unit of keystream c(i) = ith unit of ciphertext c(i) = ks(i) m(i) ( = exclusive or) m(i) = ks(i) c(i) WEP uses RC4 Network Security

9 Stream cipher and packet independence recall design goal: each packet separately encrypted if for frame n+1, use keystream from where we left off for frame n, then each frame is not separately encrypted need to know where we left off for packet n WEP approach: initialize keystream with key + new IV for each packet: Key+IV packet keystream generator keystream packet Network Security

10 WEP encryption (1) sender calculates Integrity Check Value (ICV) over data four-byte hash/crc for data integrity each side has 104-bit shared key sender creates 24-bit initialization vector (IV), appends to key: gives 128- bit key sender also appends keyid (in 8-bit field) 128-bit key inputted into pseudo random number generator to get keystream data in frame + ICV is encrypted with RC4: B\bytes of keystream are XORed with bytes of data & ICV IV & keyid are appended to encrypted data to create payload payload inserted into frame encrypted IV Key ID data ICV MAC payload Network Security

11 WEP encryption (2) IV (per frame) K S : 104-bit secret symmetric plaintext frame data plus CRC k 1 IV key sequence generator ( for given K S, IV) k 2 IV k 3 IV k N IV k N+1 IV k N+1 IV d 1 d 2 d 3 d N CRC 1 CRC header IV WEP-encrypted data plus ICV c 1 c 2 c 3 c N c N+1 c N+4 Figure new 7.8-new1: IV for each WEP frame protocol Network Security

12 WEP decryption overview encrypted IV Key ID data ICV MAC payload receiver extracts IV inputs IV, shared secret key into pseudo random generator, gets keystream XORs keystream with encrypted data to decrypt data + ICV verifies integrity of data with ICV note: message integrity approach used here is different from MAC (message authentication code) and signatures (using PKI). Network Security

13 End-point authentication w/ nonce Nonce: number (R) used only once in-a-lifetime How to prove Alice live : Bob sends Alice nonce, R. Alice must return R, encrypted with shared secret key I am Alice R K A-B (R) Alice is live, and only Alice knows key to encrypt nonce, so it must be Alice! Network Security

14 WEP authentication authentication request nonce (128 bytes) nonce encrypted shared key Notes: success if decrypted value equals nonce not all APs do it, even if WEP is being used AP indicates if authentication is necessary in beacon frame done before association Network Security

15 Breaking WEP encryption security hole: 24-bit IV, one IV per frame, -> IV s eventually reused IV transmitted in plaintext -> IV reuse detected attack: Trudy causes Alice to encrypt known plaintext d 1 d 2 d 3 d 4 Trudy sees: c i = d i XOR k i IV Trudy knows c i d i, so can compute k i IV Trudy knows encrypting key sequence k 1 IV k 2 IV k 3 IV Next time IV is used, Trudy can decrypt! Network Security

16 Solutions to WEP: i WPA Partial implementation of i A gap-stop for older hardware (that isn t able to fully support the WPA2 protocol). Uses RC4 stream cipher (like WEP) WPA2 The complete implementation of i Uses AES block cipher Wireless, Mobile Networks

17 802.11i: WPA2 Fully implemented in WPA2 Adds two features to Way Handshake Group Key Handshake Enterprise version uses authentication server Personal version uses AES pre-shared key Network Security

18 Robust Security Network via 802.1X IEEE 802.1X is the standard defined by IEEE for port based network access control. Basically a protocol to make sure only legitimate clients can use a network secured by WPA2

19 Robust Security Network via 802.1X STA: client station AP: access point wired network AS: Authentication server Three players are needed to run the 802.1X protocol which uses EAP or Extensive Authentication Protocol A client (STA/Supplicant) A wireless access point (AP STA/Authenticator) An authentication server (AS)

20 802.11i: four phases of operation STA: client station AP: access point wired network AS: Authentication server 1 Discovery of security capabilities. Agreement on security policies. 2 STA and AS mutually authenticate, together generate Master Key (MK). AP serves as pass through 3 STA derives Pairwise Master Key (PMK) 3 AS derives same PMK, sends to AP 4 STA, AP use PMK to derive Temporal Key (TK) used for message encryption, integrity Network Security

21 Robust Security Network via 802.1X PMK Pairwise Master Key Sent from the AS to the Authenticator Both the Supplicant and Authenticator now have the same PMK PMK is permanent for the entire session Must generate a Pairwise Transient Key for encryption of data. Done using 4-way handshake

22 Robust Security Network via 802.1X Source:

23 Robust Security Network via 802.1X 4-Way Handshake Confirm that the client holds the PMK. Confirm that the PMK is correct and up-to-date. Create pairwise transient key (PTK) from the PMK. Install the pairwise encryption and integrity keys (MIC) into IEEE Transport the group temporal key (GTK) and GTK sequence number from Authenticator to Supplicant and install the GTK and GTK sequence number in the STA and, if not already installed, in the AP. Confirm the cipher suite selection.

24 Generating the PTK 4-Way Handshake Source:

25 Key Hierarchy Source:

26 WPA2-PSK Pre-Shared Key Mode Network traffic encrypted using a 256 bit PMK User enters key (Pairwise Master Key) 64 hex digits 8-63 Printable ASCII characters Takes the passphrase, salts it with SSID of AP, then runs it through 4096 iterations of HMAC-SHA-1

27 WPA2-PSK Authentication, Connection, Establishment of PTK and GTK. Similar process as when an AS is present except the PSK is used as the PMK. Creation of PTK and GTK is the same as in Enterprise mode.

28 Further Information Go to this document provided by the Linux Documentation Project as a good study reference for wireless security: Wireless, Mobile Networks

Netzwerksicherheit: Anwendungen

Netzwerksicherheit: Anwendungen Internet-Technologien (CS262) Netzwerksicherheit: Anwendungen 22. Mai 2015 Christian Tschudin & Thomas Meyer Departement Mathematik und Informatik, Universität Basel Chapter 8 Security in Computer Networks

More information

802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com

802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security (WEP, WPA\WPA2) 19/05/2009 Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security Standard: WEP Wired Equivalent Privacy The packets are encrypted, before sent, with a Secret Key

More information

Chapter 6 Wireless and Mobile Networks

Chapter 6 Wireless and Mobile Networks Chapter 6 Wireless and Mobile Networks A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see the animations;

More information

UNIK4250 Security in Distributed Systems University of Oslo Spring 2012. Part 7 Wireless Network Security

UNIK4250 Security in Distributed Systems University of Oslo Spring 2012. Part 7 Wireless Network Security UNIK4250 Security in Distributed Systems University of Oslo Spring 2012 Part 7 Wireless Network Security IEEE 802.11 IEEE 802 committee for LAN standards IEEE 802.11 formed in 1990 s charter to develop

More information

Symm ym e m t e r t ic i c cr c yptogr ypt aphy a Ex: RC4, AES 2

Symm ym e m t e r t ic i c cr c yptogr ypt aphy a Ex: RC4, AES 2 Wi-Fi Security FEUP>MIEIC>Mobile Communications Jaime Dias Symmetric cryptography Ex: RC4, AES 2 Digest (hash) Cryptography Input: variable length message Output: a fixed-length bit

More information

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or

More information

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions

More information

WEP Overview 1/2. and encryption mechanisms Now deprecated. Shared key Open key (the client will authenticate always) Shared key authentication

WEP Overview 1/2. and encryption mechanisms Now deprecated. Shared key Open key (the client will authenticate always) Shared key authentication WLAN Security WEP Overview 1/2 WEP, Wired Equivalent Privacy Introduced in 1999 to provide confidentiality, authentication and integrity Includes weak authentication Shared key Open key (the client will

More information

CS 356 Lecture 29 Wireless Security. Spring 2013

CS 356 Lecture 29 Wireless Security. Spring 2013 CS 356 Lecture 29 Wireless Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter

More information

WLAN security. Contents

WLAN security. Contents Contents WEP (Wired Equivalent Privacy) No key management Authentication methods Encryption and integrity checking WPA (WiFi Protected Access) IEEE 802.1X authentication framework Practical example using

More information

CS5490/6490: Network Security- Lecture Notes - November 9 th 2015

CS5490/6490: Network Security- Lecture Notes - November 9 th 2015 CS5490/6490: Network Security- Lecture Notes - November 9 th 2015 Wireless LAN security (Reference - Security & Cooperation in Wireless Networks by Buttyan & Hubaux, Cambridge Univ. Press, 2007, Chapter

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE 802.11 wireless security Define vulnerabilities of Open System Authentication,

More information

Chapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Chapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All

More information

Chapter 10 Security of Wireless LAN

Chapter 10 Security of Wireless LAN Chapter 10 Security of Wireless LAN WEP WPA WPA2 [NetSec], WS 2008/2009 10.1 WLAN Authentication and Encryption WEP (Wired Equivalent Privacy) First Generation One way shared key authentication RC4 encryption

More information

CS 336/536 Computer Network Security. Summer Term 2010. Wi-Fi Protected Access (WPA) compiled by Anthony Barnard

CS 336/536 Computer Network Security. Summer Term 2010. Wi-Fi Protected Access (WPA) compiled by Anthony Barnard CS 336/536 Computer Network Security Summer Term 2010 Wi-Fi Protected Access (WPA) compiled by Anthony Barnard 2 Wi-Fi Protected Access (WPA) These notes, intended to follow the previous handout IEEE802.11

More information

Wireless LAN Security

Wireless LAN Security Wireless LAN Security WEP: Overview WEP = Wired Equivalency Protocol RC4 stream cipher Purposes: Authentication Packet Encryption Uses single key to authenticate all network users and encrypt all packets

More information

Security in IEEE 802.11 WLANs

Security in IEEE 802.11 WLANs Security in IEEE 802.11 WLANs 1 IEEE 802.11 Architecture Extended Service Set (ESS) Distribution System LAN Segment AP 3 AP 1 AP 2 MS MS Basic Service Set (BSS) Courtesy: Prashant Krishnamurthy, Univ Pittsburgh

More information

Wireless security. Any station within range of the RF receives data Two security mechanism

Wireless security. Any station within range of the RF receives data Two security mechanism 802.11 Security Wireless security Any station within range of the RF receives data Two security mechanism A means to decide who or what can use a WLAN authentication A means to provide privacy for the

More information

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example Table of Contents Wi Fi Protected Access 2 (WPA 2) Configuration Example...1 Document ID: 67134...1 Introduction...1 Prerequisites...1 Requirements...1 Components Used...2 Conventions...2 Background Information...2

More information

10. Wireless Networks

10. Wireless Networks Computernetzwerke und Sicherheit (CS221) 10. Wireless Networks 1. April 2011 omas Meyer Departement Mathematik und Informatik, Universität Basel Chapter 6 Wireless and Mobile Networks (with changes CS221

More information

WLAN Security. Mustafa Hibic, Panteleimon Cheropoulos and Altan Koray Aydemir

WLAN Security. Mustafa Hibic, Panteleimon Cheropoulos and Altan Koray Aydemir WLAN Security Mustafa Hibic, Panteleimon Cheropoulos and Altan Koray Aydemir Chapters 1. Introductions 2. Modes of Unauthorized Access 3. Security Measures 4. Wired Equivalent Privacy (WEP) 5. Wi-Fi Protected

More information

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1 Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

More information

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1 Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 roadmap 1 What is network security? 2 Principles of cryptography 3 Message integrity, authentication

More information

Lecture 9: Wireless Security WEP/WPA. Course Admin

Lecture 9: Wireless Security WEP/WPA. Course Admin Lecture 9: Wireless Security WEP/WPA CS 336/536: Computer Network Security Fall 2013 Nitesh Saxena Adopted from previous lecture by Keith Ross, Amine Khalife and Tony Barnard Course Admin Mid-Term Exam

More information

Security of Wireless Local Area Network (WLAN)

Security of Wireless Local Area Network (WLAN) Adrián Lachata, Štefan Pero Abstract. This paper deals with security of WLAN. This network uses standard IEEE 802.11. We will explain cipher algorithm RC4 and communication between client and Access Point

More information

EVOLUTION OF WIRELESS LAN SECURITY ARCHITECTURE TO IEEE 802.11i (WPA2)

EVOLUTION OF WIRELESS LAN SECURITY ARCHITECTURE TO IEEE 802.11i (WPA2) EVOLUTION OF WIRELESS LAN SECURITY ARCHITECTURE TO IEEE 802.11i (WPA2) Moffat Mathews, Ray Hunt Department of Computer Science and Software Engineering, University of Canterbury, New Zealand {ray.hunt@canterbury.ac.nz}

More information

Key Management (Distribution and Certification) (1)

Key Management (Distribution and Certification) (1) Key Management (Distribution and Certification) (1) Remaining problem of the public key approach: How to ensure that the public key received is really the one of the sender? Illustration of the problem

More information

White Paper. Wireless LAN Security. Copyright Madge Limited. All rights reserved.

White Paper. Wireless LAN Security. Copyright Madge Limited. All rights reserved. White Paper Wireless LAN Security Copyright 2002-2003 Madge Limited. All rights reserved. 1 Introduction As wireless LANs become widely deployed, and the business benefits become clear, concern has grown

More information

WLAN Security. WLAN Security Standards WEP IEEE 802.1x Wi-Fi Protected Access (WPA) i Layered Security for Wireless Networks

WLAN Security. WLAN Security Standards WEP IEEE 802.1x Wi-Fi Protected Access (WPA) i Layered Security for Wireless Networks TECHNISCHE UNIVERSITÄT ILMENAU WLAN Security Integrated Hard- and Software Systems http://www.tu-ilmenau.de/ihs WLAN Security Standards WEP IEEE 802.1x Wi-Fi Protected Access (WPA) 802.11i Layered Security

More information

Computer Networks - CS132/EECS148 - Spring 2013 --------------------------------------------------------------------------

Computer Networks - CS132/EECS148 - Spring 2013 -------------------------------------------------------------------------- Computer Networks - CS132/EECS148 - Spring 2013 Instructor: Karim El Defrawy Assignment 5 Deadline : May 30th 9:30pm (hard and soft copies required) --------------------------------------------------------------------------

More information

WLAN Access Security Technical White Paper. Issue 02. Date 2012-09-24 HUAWEI TECHNOLOGIES CO., LTD.

WLAN Access Security Technical White Paper. Issue 02. Date 2012-09-24 HUAWEI TECHNOLOGIES CO., LTD. WLAN Access Security Technical White Paper Issue 02 Date 2012-09-24 HUAWEI TECHNOLOGIES CO., LTD. . 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by

More information

White paper. Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points. http://www.veryxtech.com

White paper. Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points. http://www.veryxtech.com White paper Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points http://www.veryxtech.com White Paper Abstract Background The vulnerabilities spotted in the Wired Equivalent Privacy (WEP) algorithm

More information

Authentication in WLAN

Authentication in WLAN Authentication in WLAN Flaws in WEP (Wired Equivalent Privacy) Wi-Fi Protected Access (WPA) Based on draft 3 of the IEEE 802.11i. Provides stronger data encryption and user authentication (largely missing

More information

General security analysis of an IT configuration based on WLAN

General security analysis of an IT configuration based on WLAN General security analysis of an IT configuration based on WLAN Thijs Veugen (TNO Telecom, p.j.m.veugen@telecom.tno.nl) Sander Degen (TNO Telecom, a.j.g.degen@telecom.tno.nl) In this chapter a structured

More information

WiFi Security: WEP, WPA, and WPA2

WiFi Security: WEP, WPA, and WPA2 WiFi Security: WEP, WPA, and WPA2 - security requirements in wireless networks - WiFi primer - WEP and its flaws - 802.11i - WPA and WPA2 (RSN) Why security is more of a concern in wireless? no inherent

More information

Introduction to WiFi Security. Frank Sweetser WPI Network Operations and Security fs@wpi.edu

Introduction to WiFi Security. Frank Sweetser WPI Network Operations and Security fs@wpi.edu Introduction to WiFi Security Frank Sweetser WPI Network Operations and Security fs@wpi.edu Why should I care? Or, more formally what are the risks? Unauthorized connections Stealing bandwidth Attacks

More information

chap18.wireless Network Security

chap18.wireless Network Security SeoulTech UCS Lab 2015-1 st chap18.wireless Network Security JeongKyu Lee Email: jungkyu21@seoultech.ac.kr Table of Contents 18.1 Wireless Security 18.2 Mobile Device Security 18.3 IEEE 802.11 Wireless

More information

Tutorial: An Overview of Wireless Security

Tutorial: An Overview of Wireless Security Tutorial: An Overview of Wireless Security Jung-Min Jerry Park (jungmin@vt.edu) Dept. of Electrical & Computer Engineering Virginia Tech CESCA Research Day March 2013 Some of the material presented here

More information

Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards

Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards White Paper Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards By Dr. Wen-Ping Ying, Director of Software Development, February 2002 Introduction Wireless LAN networking allows the

More information

Wireless LAN Security Mechanisms

Wireless LAN Security Mechanisms Wireless LAN Security Mechanisms Jingan Xu, Andreas Mitschele-Thiel Technical University of Ilmenau, Integrated Hard- and Software Systems Group jingan.xu@tu-ilmenau.de, mitsch@tu-ilmenau.de Abstract.

More information

Wireless Authentication and Encryption: A Primer

Wireless Authentication and Encryption: A Primer Wireless Vulnerability Management Wireless Authentication and Encryption: A Primer Presented by: Hemant Chaskar, PhD Director of Technology AirTight Networks 2008 AirTight Networks, Inc. All Rights Reserved.

More information

Wireless Networks. Welcome to Wireless

Wireless Networks. Welcome to Wireless Wireless Networks 11/1/2010 Wireless Networks 1 Welcome to Wireless Radio waves No need to be physically plugged into the network Remote access Coverage Personal Area Network (PAN) Local Area Network (LAN)

More information

Table of Contents 1 WLAN Security 1-1

Table of Contents 1 WLAN Security 1-1 Table of Contents 1 WLAN Security 1-1 Overview 1-1 Authentication Modes 1-1 WLAN Data Security 1-2 Client Access Authentication 1-3 WLAN Security Policies 1-5 i 1 WLAN Security Overview WLAN networks feature

More information

1. discovery phase 2. authentication and association phase 3. EAP/802.1x/RADIUS authentication 4. 4-way handshake 5. group key handshake 6.

1. discovery phase 2. authentication and association phase 3. EAP/802.1x/RADIUS authentication 4. 4-way handshake 5. group key handshake 6. 1. discovery phase 2. authentication and association phase 3. EAP/802.1x/RADIUS authentication 4. 4-way handshake 5. group key handshake 6. secure data communication. The access point periodically advertise

More information

Wireless Pre-Shared Key Cracking (WPA, WPA2)

Wireless Pre-Shared Key Cracking (WPA, WPA2) Wireless Pre-Shared Key Cracking (WPA, WPA2) TABLE OF CONTENTS Introduction... 2 Mechanics Of PSKs And How They Work Demystified... 2 How PSKs Can Be Cracked!... 5 WPA2 PSK Cracking Demonstration.... 6

More information

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1 Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret

More information

Security Protocols. 1. Data Link Layer Security: Focusing on WLAN

Security Protocols. 1. Data Link Layer Security: Focusing on WLAN Security Protocols 1. Data Link Layer Security: Focusing on WLAN The Datalink lyaer of the OSI Model, deals with the transfer of data between adjacent network nodes within a wide area or local area network.

More information

Chapter 8. Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, sl April 2009. Thanks and enjoy!

Chapter 8. Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, sl April 2009. Thanks and enjoy! Chapter 8 Network Security A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and

More information

CS549: Cryptography and Network Security

CS549: Cryptography and Network Security CS549: Cryptography and Network Security by Xiang-Yang Li Department of Computer Science, IIT Cryptography and Network Security 1 Notice This lecture note (Cryptography and Network Security) is prepared

More information

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN 2067 4074

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN 2067 4074 Issues in WiFi Networks Nicolae TOMAI Faculty of Economic Informatics Department of IT&C Technologies Babes Bolyai Cluj-Napoca University, Romania tomai@econ.ubbcluj.ro Abstract: The paper has four sections.

More information

Chapter 8 Network Security

Chapter 8 Network Security Chapter 8 A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and delete slides (including

More information

Computer Networks. Secure Systems

Computer Networks. Secure Systems Computer Networks Secure Systems Summary Common Secure Protocols SSH HTTPS (SSL/TSL) IPSec Wireless Security WPA2 PSK vs EAP Firewalls Discussion Secure Shell (SSH) A protocol to allow secure login to

More information

A DISCUSSION OF WIRELESS SECURITY TECHNOLOGIES

A DISCUSSION OF WIRELESS SECURITY TECHNOLOGIES A DISCUSSION OF WIRELESS SECURITY TECHNOLOGIES Johanna Janse van Rensburg, Barry Irwin Rhodes University G01j202j7@campus.ru.ac.za, b.irwin@ru.ac.za (083) 944 3924 Computer Science Department, Hamilton

More information

Data Center Networks, Link Layer Wireless (802.11)

Data Center Networks, Link Layer Wireless (802.11) Internet-Technologien (CS262) Data Center Networks, Link Layer Wireless (802.11) 1.4.2015 Christian Tschudin Departement Mathematik und Informatik, Universität Basel 6 Wiederholung Warum «multiple access»?

More information

Network Security. Security of Wireless Local Area Networks. Chapter 15. Network Security (WS 2002): 15 Wireless LAN Security 1 Dr.-Ing G.

Network Security. Security of Wireless Local Area Networks. Chapter 15. Network Security (WS 2002): 15 Wireless LAN Security 1 Dr.-Ing G. Network Security Chapter 15 Security of Wireless Local Area Networks Network Security WS 2002: 15 Wireless LAN Security 1 IEEE 802.11 IEEE 802.11 standardizes medium access control MAC and physical characteristics

More information

Vulnerabilities of Wireless Security protocols (WEP and WPA2)

Vulnerabilities of Wireless Security protocols (WEP and WPA2) Vulnerabilities of Wireless Security protocols (WEP and WPA2) Vishal Kumkar, Akhil Tiwari, Pawan Tiwari, Ashish Gupta, Seema Shrawne Abstract - Wirelesses Local Area Networks (WLANs) have become more prevalent

More information

Related Chapters. Chapter 15: Wireless Network Security Chapter 16: Wireless Sensor Network Security Chapter 17: Cellular Network Security

Related Chapters. Chapter 15: Wireless Network Security Chapter 16: Wireless Sensor Network Security Chapter 17: Cellular Network Security Wireless Security Related Chapters Chapter 15: Wireless Network Security Chapter 16: Wireless Sensor Network Security Chapter 17: Cellular Network Security 2 Wireless Technologies InfraRed BlueTooth (Piconet,

More information

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks

TinySec: A Link Layer Security Architecture for Wireless Sensor Networks TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastr, David Wagner Presented By: Tristan Brown Outline Motivation Cryptography Overview TinySec Design Implementation

More information

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1 Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Goals v understand principles of network security: cryptography and its many uses beyond

More information

MAC,

MAC, Announcements 18-759: Wireless Networks Lecture 12: 802.11 Management Peter Steenkiste Dina Papagiannaki Spring Semester 2009 http://www.cs.cmu.edu/~prs/wireless09/ Peter A. Steenkiste, CMU 1 Midterm:

More information

The next generation of knowledge and expertise Wireless Security Basics

The next generation of knowledge and expertise Wireless Security Basics The next generation of knowledge and expertise Wireless Security Basics HTA Technology Security Consulting., 30 S. Wacker Dr, 22 nd Floor, Chicago, IL 60606, 708-862-6348 (voice), 708-868-2404 (fax), www.hta-inc.com

More information

Configuring Wireless Security on ProSafe wireless routers (WEP/WPA/Access list)

Configuring Wireless Security on ProSafe wireless routers (WEP/WPA/Access list) Configuring Wireless Security on ProSafe wireless routers (WEP/WPA/Access list) Hackers can easily trap information transmitted over wireless network, it has to be encrypted to avoid unauthorized users

More information

Chapter 8 Network Security

Chapter 8 Network Security Chapter 8 Network Security A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and

More information

Data Communications & Networks. Session 11 Main Theme Network Security. Dr. Jean-Claude Franchitti

Data Communications & Networks. Session 11 Main Theme Network Security. Dr. Jean-Claude Franchitti Data Communications & Networks Session 11 Main Theme Network Security Dr. Jean-Claude Franchitti New York University Computer Science Department Courant Institute of Mathematical Sciences Adapted from

More information

Advanced Security Issues in Wireless Networks

Advanced Security Issues in Wireless Networks Advanced Security Issues in Wireless Networks Seminar aus Netzwerke und Sicherheit Security Considerations in Interconnected Networks Alexander Krenhuber Andreas Niederschick 9. Januar 2009 Advanced Security

More information

Lecture 3. WPA and 802.11i

Lecture 3. WPA and 802.11i Lecture 3 WPA and 802.11i Lecture 3 WPA and 802.11i 1. Basic principles of 802.11i and WPA 2. IEEE 802.1X 3. Extensible Authentication Protocol 4. RADIUS 5. Efficient Handover Authentication 1 Lecture

More information

Security in Wireless and Mobile Networks

Security in Wireless and Mobile Networks Security in Wireless and Mobile Networks 1 Introduction This is a vast and active field, a course by itself Many references on wireless security A good book on wireless cooperation: Thwarting Malicious

More information

WLAN Security. Giwhan Cho ghcho@dcs.chonbuk.ac.kr. Distributed/Mobile Computing System Lab. Chonbuk National University

WLAN Security. Giwhan Cho ghcho@dcs.chonbuk.ac.kr. Distributed/Mobile Computing System Lab. Chonbuk National University WLAN Security Giwhan Cho ghcho@dcs.chonbuk.ac.kr Distributed/Mobile Computing System Lab. Chonbuk National University Content WLAN security overview 802.11i WLAN security components pre-rsn (Robust Security

More information

Client Server Registration Protocol

Client Server Registration Protocol Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

More information

Wireless Security. New Standards for 802.11 Encryption and Authentication. Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.

Wireless Security. New Standards for 802.11 Encryption and Authentication. Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas. Wireless Security New Standards for 802.11 Encryption and Authentication Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.com National Conference on m-health and EOE Minneapolis, MN Sept 9, 2003 Key

More information

Chapter 10: Designing and Implementing Security for Wireless LANs Overview

Chapter 10: Designing and Implementing Security for Wireless LANs Overview Chapter 10: Designing and Implementing Security for Wireless LANs Overview Identify and describe the strengths, weaknesses, appropriate uses, and appropriate implementation of IEEE 802.11 security related

More information

CSC574: Computer and Network Security

CSC574: Computer and Network Security CSC574: Computer and Network Security Lecture 21 Prof. William Enck Spring 2016 (Derived from slides by Micah Sherr) Wireless Security Wireless makes network security much more difficult Wired: If Alice

More information

Wired Equivalent Privacy (WEP) versus Wi-Fi Protected Access (WPA)

Wired Equivalent Privacy (WEP) versus Wi-Fi Protected Access (WPA) 2009 International Conference on Signal Processing Systems Wired Equivalent Privacy (WEP) versus Wi-Fi Protected Access (WPA) ARASH HABIBI LASHKARI Computer Science Dept. of FCSIT a_habibi_l@hotmail.com

More information

XIV. Title. 2.1 Schematics of the WEP. 21. 2.2 Encryption in WEP technique 22. 2.3 Decryption in WEP technique. 22. 2.4 Process of TKIP 25

XIV. Title. 2.1 Schematics of the WEP. 21. 2.2 Encryption in WEP technique 22. 2.3 Decryption in WEP technique. 22. 2.4 Process of TKIP 25 XIV LIST OF FIGURES Figure Title Page 2.1 Schematics of the WEP. 21 2.2 Encryption in WEP technique 22 2.3 Decryption in WEP technique. 22 2.4 Process of TKIP 25 2.5 IEEE 802.1x Structure 30 2.6 RSNA Architecture

More information

Configuring a WLAN for Static WEP

Configuring a WLAN for Static WEP Restrictions for Configuring Static WEP, page 1 Information About WLAN for Static WEP, page 1 Configuring WPA1+WPA2, page 3 Restrictions for Configuring Static WEP The OEAP 600 series does not support

More information

Tutorial 3. June 8, 2015

Tutorial 3. June 8, 2015 Tutorial 3 June 8, 2015 I. Basic Notions 1. Multiple-choice (Review Questions Chapter 6, 8 and 11) 2. Answers by a small paragraph (Chapter 2: viruses: MBR, rootkits, ) Multiple choice X. Which is the

More information

1. Scope and objectives. 2 Introduction IEEE GPP TSG SA WG3 Security S July 9 July 12, 2002 Helsinki, Finland

1. Scope and objectives. 2 Introduction IEEE GPP TSG SA WG3 Security S July 9 July 12, 2002 Helsinki, Finland TSG SA WG3 Security S3-020341 July 9 July 12, 2002 Helsinki, Finland Agenda Item: 7.9 Source: Ericsson Title: Introduction of IEEE 802.11 Security Document for: Discussion 1. Scope and objectives This

More information

Stream Ciphers. Example of Stream Decryption. Example of Stream Encryption. Real Cipher Streams. Terminology. Introduction to Modern Cryptography

Stream Ciphers. Example of Stream Decryption. Example of Stream Encryption. Real Cipher Streams. Terminology. Introduction to Modern Cryptography Introduction to Modern Cryptography Lecture 2 Symmetric Encryption: Stream & Block Ciphers Stream Ciphers Start with a secret key ( seed ) Generate a keying stream i-th bit/byte of keying stream is a function

More information

Focus Assignment. Secure computer systems Fall WLAN Security

Focus Assignment. Secure computer systems Fall WLAN Security Focus Assignment Secure computer systems Fall 2004 WLAN Security Anders Nistér anders.nister@lcb.uu.se Andreas Lundin Andreas.Lundin.8031@student.uu.se Karl-Oskar Lundin karloskarlundin@hotmail.com Uppsala

More information

WiFi Security Assessments

WiFi Security Assessments WiFi Security Assessments Robert Dooling Dooling Information Security Defenders (DISD) December, 2009 This work is licensed under a Creative Commons Attribution 3.0 Unported License. Table of Contents

More information

ISSM 533 Cryptology and Secure Network Communications Lab 4 WEP Encryption

ISSM 533 Cryptology and Secure Network Communications Lab 4 WEP Encryption ISSM 533 Cryptology and Secure Network Communications Lab 4 WEP Encryption Lab Objectives Implement two wireless networks using basic WEP encryption using 10 character static keys implemented on all machines

More information

Network Security Protocols

Network Security Protocols Network Security Protocols Information Security (bmevihim100) Dr. Levente Buttyán associate professor BME Hálózati Rendszerek és Szolgáltatások Tanszék Lab of Cryptography and System Security (CrySyS)

More information

First Semester Examinations 2011/12 INTERNET PRINCIPLES

First Semester Examinations 2011/12 INTERNET PRINCIPLES PAPER CODE NO. EXAMINER : Martin Gairing COMP211 DEPARTMENT : Computer Science Tel. No. 0151 795 4264 First Semester Examinations 2011/12 INTERNET PRINCIPLES TIME ALLOWED : Two Hours INSTRUCTIONS TO CANDIDATES

More information

Distributed Systems Security

Distributed Systems Security Distributed Systems Security Protocols (Physical/Data-Link Layer) Dr. Dennis Pfisterer Institut für Telematik, Universität zu Lübeck http://www.itm.uni-luebeck.de/people/pfisterer Overview Security on

More information

Wireless LAN Security with 802.1x, EAP-TLS, and PEAP. Steve Riley Senior Consultant MCS Trustworthy Computing Services

Wireless LAN Security with 802.1x, EAP-TLS, and PEAP. Steve Riley Senior Consultant MCS Trustworthy Computing Services Wireless LAN Security with 802.1x, EAP-TLS, and PEAP Steve Riley Senior Consultant MCS Trustworthy Computing Services So what s the problem? WEP is a euphemism Wired Equivalent Privacy Actually, it s a

More information

Chapter 8. Network Security

Chapter 8. Network Security Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who

More information

Lecture 2 Secure Wireless LAN

Lecture 2 Secure Wireless LAN Lecture 2 Secure Wireless LAN Network security (19265400 / 201000086) Lecturers: Aiko Pras Pieter-Tjerk de Boer Anna Sperotto Ramin Sadre Georgios Karagiannis Acknowledgements Part of the slides are based

More information

Chapter 2 Wireless Networking Basics

Chapter 2 Wireless Networking Basics Chapter 2 Wireless Networking Basics Wireless Networking Overview Some NETGEAR products conform to the Institute of Electrical and Electronics Engineers (IEEE) 802.11g standard for wireless LANs (WLANs).

More information

WIRELESS LAN SECURITY FUNDAMENTALS

WIRELESS LAN SECURITY FUNDAMENTALS WIRELESS LAN SECURITY FUNDAMENTALS Jone Ostebo November 2015 #ATM15ANZ @ArubaANZ Learning Goals Authentication with 802.1X But first: We need to understand some PKI And before that, we need a cryptography

More information

Network Security. HIT Shimrit Tzur-David

Network Security. HIT Shimrit Tzur-David Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key

More information

Bit Chat: A Peer-to-Peer Instant Messenger

Bit Chat: A Peer-to-Peer Instant Messenger Bit Chat: A Peer-to-Peer Instant Messenger Shreyas Zare shreyas@technitium.com https://technitium.com December 20, 2015 Abstract. Bit Chat is a peer-to-peer instant messaging concept, allowing one-to-one

More information

Wireless security (WEP) 802.11b Overview

Wireless security (WEP) 802.11b Overview Wireless security (WEP) 9/01/10 EJ Jung 802.11b Overview! Standard for wireless networks Approved by IEEE in 1999! Two modes: infrastructure and ad hoc IBSS (ad hoc) mode Independent Basic Service Set

More information

The Importance of Wireless Security

The Importance of Wireless Security The Importance of Wireless Security Because of the increasing popularity of wireless networks, there is an increasing need for security. This is because unlike wired networks, wireless networks can be

More information

Self Help Guide IMPORTANT! Securing Your Wireless Network. This Guide refers to the following Products: Please read the following carefully; Synopsis:

Self Help Guide IMPORTANT! Securing Your Wireless Network. This Guide refers to the following Products: Please read the following carefully; Synopsis: IMPORTANT! This Guide refers to the following Products: Securing Your Wireless Network Please read the following carefully; Synopsis: This Guide is designed to help you if you have a Wireless Network that

More information

All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices

All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices Wireless Security All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices Portability Tamper-proof devices? Intrusion and interception of poorly

More information

MAC Layer Key Hierarchies and Establishment Procedures

MAC Layer Key Hierarchies and Establishment Procedures MAC Layer Key Hierarchies and Establishment Procedures Jukka Valkonen jukka.valkonen@tkk.fi 17.11.2006 1. Introduction and Background 2. Pair-wise associations 3. Group associations 4. Different layers

More information

A SURVEY OF WIRELESS NETWORK SECURITY PROTOCOLS

A SURVEY OF WIRELESS NETWORK SECURITY PROTOCOLS A SURVEY OF WIRELESS NETWORK SECURITY PROTOCOLS Jose Perez Texas A&M University Corpus Christi Email: jluisperez16@gmail.com Fax Number: (361) 825-2795 Faculty Advisor: Dr. Ahmed Mahdy, Texas A&M University

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure

More information

IEEE 802.11 Wireless LAN Security Overview

IEEE 802.11 Wireless LAN Security Overview 138 IEEE 802.11 Wireless LAN Security Overview Ahmed M. Al Naamany, Ali Al Shidhani, Hadj Bourdoucen Department of Electrical and Computer Engineering Sultan Qaboos University, Oman. Summary Wireless Local

More information